package org.sxp.common.config;

import org.apache.shiro.session.Session;
import org.apache.shiro.session.mgt.eis.SessionDAO;
import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
import org.apache.shiro.web.util.WebUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.context.annotation.Configuration;
import org.sxp.common.cache.shiroRedis.RedisManager;
import org.sxp.common.cache.shiroRedis.SerializeUtils;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import java.io.Serializable;

/**
 * @author shenxingping
 * @TODO 描述
 * @date 2022/06/08
 */
public class ShiroWebSessionManager extends DefaultWebSessionManager{

    @Override
    protected Serializable getSessionId(ServletRequest request, ServletResponse response) {
        HttpServletRequest httpRequest = (HttpServletRequest) request;
        /* 此方法获取客户端cookie的值,如果你的项目将sesssionId放在requestparam中，或者拼接在url中，请查看该方法源码，自行修改*/
        String sessionId = super.getSessionIdCookie().readValue(httpRequest, WebUtils.toHttp(response));
        if(sessionId != null){
            /*此处并非http 的session，是shiro在redis中缓存的session（SimpleSession）*/
            /* 此方法是查询redis中的session，笔者在sessionDao中注入了redisManager如果你重写了RedisSessionDAO，则需要更改获取session的方法 */
            Session session = getSessionDAO().readSession(sessionId);
            if(session == null){
                return null;
            }
        }
        /*   如果redis中session未过期，此处必须调用父类获取方法 */
        return super.getSessionId(request, response);
    }
}
